A curated collection of production-ready Kusto Query Language (KQL) queries for security operations, threat hunting, and compliance monitoring in Microsoft Sentinel, Microsoft 365 Defender, and Azure ...
The purpose of this repository is to share KQL queries that anyone can use and understand. These queries are intended to increase detection coverage through the logs of Microsoft ...